joe lopes
@lopes.id
Infosec Engineer | Where others see logs, I see stories.
✇ https://lopes.id
✇ https://lopes.id
Last week I shared my latest project, Cordyceps ☣︎, a proof-of-concept ransomware written in Rust.
While it's well documented, I’ve written a blog post showing some crates and techniques used in its development. Follow me. 👾
🔗 lopes.id/2025-cordyc...
#rustlang #cybersecurity #cryptography
While it's well documented, I’ve written a blog post showing some crates and techniques used in its development. Follow me. 👾
🔗 lopes.id/2025-cordyc...
#rustlang #cybersecurity #cryptography
Cordyceps: The Making of Rust Ransomware
An educational Rust ransomware for security research.
lopes.id
September 26, 2025 at 10:41 PM
Last week I shared my latest project, Cordyceps ☣︎, a proof-of-concept ransomware written in Rust.
While it's well documented, I’ve written a blog post showing some crates and techniques used in its development. Follow me. 👾
🔗 lopes.id/2025-cordyc...
#rustlang #cybersecurity #cryptography
While it's well documented, I’ve written a blog post showing some crates and techniques used in its development. Follow me. 👾
🔗 lopes.id/2025-cordyc...
#rustlang #cybersecurity #cryptography
Wrapped up my final Rust learning challenge: an educational ransomware. It covers core systems topics like CLI parsing, file traversal, error handling, and networking, all in an Infosec context.
Meet Cordyceps ☣︎, open-source and built to teach.
🔗
Meet Cordyceps ☣︎, open-source and built to teach.
🔗
GitHub - lopes/cordyceps: Learn ransomware mechanics ⚙︎
Learn ransomware mechanics ⚙︎. Contribute to lopes/cordyceps development by creating an account on GitHub.
github.com
September 18, 2025 at 2:20 PM
Wrapped up my final Rust learning challenge: an educational ransomware. It covers core systems topics like CLI parsing, file traversal, error handling, and networking, all in an Infosec context.
Meet Cordyceps ☣︎, open-source and built to teach.
🔗
Meet Cordyceps ☣︎, open-source and built to teach.
🔗
While studying Rust 🦀, I realized my learning process has shifted completely, with LLMs acting as my new peer. 🤖
I've shared my reflection in a new blog post, comparing my experience with languages like C and Python to my current journey with AI. Follow me! 🪞
🔗
I've shared my reflection in a new blog post, comparing my experience with languages like C and Python to my current journey with AI. Follow me! 🪞
🔗
Reflections on Using LLMs to Learn Rust
Using LLMs as a learning tool for programming.
lopes.id
September 10, 2025 at 9:52 PM
While studying Rust 🦀, I realized my learning process has shifted completely, with LLMs acting as my new peer. 🤖
I've shared my reflection in a new blog post, comparing my experience with languages like C and Python to my current journey with AI. Follow me! 🪞
🔗
I've shared my reflection in a new blog post, comparing my experience with languages like C and Python to my current journey with AI. Follow me! 🪞
🔗
After a couple of months of diving deep into Rust 🦀, I'm sharing my thoughts.
My new blog post presents the language from a security engineer's perspective, with practical examples on core concepts and why they matter for Infosec. Follow my journey. 🦀
🔗
My new blog post presents the language from a security engineer's perspective, with practical examples on core concepts and why they matter for Infosec. Follow my journey. 🦀
🔗
Rust for Security Engineers
Rust language from a security engineer's perspective.
lopes.id
September 3, 2025 at 8:43 PM
After a couple of months of diving deep into Rust 🦀, I'm sharing my thoughts.
My new blog post presents the language from a security engineer's perspective, with practical examples on core concepts and why they matter for Infosec. Follow my journey. 🦀
🔗
My new blog post presents the language from a security engineer's perspective, with practical examples on core concepts and why they matter for Infosec. Follow my journey. 🦀
🔗
Struggling to map detection rules to MITRE ATT&CK? I dropped a new blog post diving into this often-overlooked part of rule documentation. I share a simple, repeatable process to make mapping easier, more precise, and consistent. Grab a coffee and check it out! ☕
🔗 lopes.id/2025-mappin...
🔗 lopes.id/2025-mappin...
Mapping Detection Rules to MITRE ATT&CK
A guide to map detection rules to MITRE ATT&CK.
lopes.id
July 10, 2025 at 5:37 PM
Struggling to map detection rules to MITRE ATT&CK? I dropped a new blog post diving into this often-overlooked part of rule documentation. I share a simple, repeatable process to make mapping easier, more precise, and consistent. Grab a coffee and check it out! ☕
🔗 lopes.id/2025-mappin...
🔗 lopes.id/2025-mappin...
Detection request landed? Stop coding! 🐎 Apply SWE principles for repeatable, high-quality rules from day one. Grab a coffee and follow me! ☕︎👇
🔗 lopes.id/2025-engine...
#detectionengineering #threatdetection #softwareengineering
🔗 lopes.id/2025-engine...
#detectionengineering #threatdetection #softwareengineering
Engineering Detection Rules
Engineer threat detection rules: design, document, then code.
lopes.id
June 21, 2025 at 3:07 PM
Detection request landed? Stop coding! 🐎 Apply SWE principles for repeatable, high-quality rules from day one. Grab a coffee and follow me! ☕︎👇
🔗 lopes.id/2025-engine...
#detectionengineering #threatdetection #softwareengineering
🔗 lopes.id/2025-engine...
#detectionengineering #threatdetection #softwareengineering
You don’t always need to build detection rules from scratch. Reusing solid logic and leveraging AI can save time and effort. No need to reinvent the wheel--optimize it. 💡👇🏻
🔗 rulehound.com/rules
🔗 rulehound.com/rules
Rulehound
An index of publicly available and open-source threat detection rulesets.
rulehound.com
May 26, 2025 at 11:23 AM
You don’t always need to build detection rules from scratch. Reusing solid logic and leveraging AI can save time and effort. No need to reinvent the wheel--optimize it. 💡👇🏻
🔗 rulehound.com/rules
🔗 rulehound.com/rules
When I first learned programming with #Pascal, I relied on books and colleagues. The last time I learned a programming language, Python, I turned to Google, #StackOverflow, and GitHub. Recently, when I decided to learn #Golang, I instinctively opened a chat with an #LLM alongside a book.
April 28, 2025 at 7:18 PM
When I first learned programming with #Pascal, I relied on books and colleagues. The last time I learned a programming language, Python, I turned to Google, #StackOverflow, and GitHub. Recently, when I decided to learn #Golang, I instinctively opened a chat with an #LLM alongside a book.
Why keep a blog in 2025? 🤔 In an era of streamers and AI-made content, blogging might seem outdated. This month, my blog turned 5, 🥳 and I’m sharing some thoughts on why it still matters. Wanna know more? Grab a coffee ☕︎ and 👇
🔗 lopes.id/2025-five-y...
#blog #blogging #dev #reflection
🔗 lopes.id/2025-five-y...
#blog #blogging #dev #reflection
Five-Year Blog Anniversary
Reflections on blogging, ownership, and growth.
lopes.id
April 28, 2025 at 1:59 PM
Why keep a blog in 2025? 🤔 In an era of streamers and AI-made content, blogging might seem outdated. This month, my blog turned 5, 🥳 and I’m sharing some thoughts on why it still matters. Wanna know more? Grab a coffee ☕︎ and 👇
🔗 lopes.id/2025-five-y...
#blog #blogging #dev #reflection
🔗 lopes.id/2025-five-y...
#blog #blogging #dev #reflection
When I joined a more skilled team filled with talented people, I expected to focus solely on solving complex problems and delivering cutting-edge technology.
1/6
1/6
March 31, 2025 at 11:33 AM
When I joined a more skilled team filled with talented people, I expected to focus solely on solving complex problems and delivering cutting-edge technology.
1/6
1/6
Just finished reading another book, this time on automation and detection engineering. I’m sharing my review here, and as a bonus, I’ve also uncovered a bug in a YARA-L rule while reading. Check it out! ☕︎ 🔍 🕵️
🔗 lopes.id/2025-book-a...
#detection #engineering #automation #dev
🔗 lopes.id/2025-book-a...
#detection #engineering #automation #dev
Automating Security Detection Engineering
Review of Automating Security Detection Engineering book.
lopes.id
March 28, 2025 at 2:35 PM
Just finished reading another book, this time on automation and detection engineering. I’m sharing my review here, and as a bonus, I’ve also uncovered a bug in a YARA-L rule while reading. Check it out! ☕︎ 🔍 🕵️
🔗 lopes.id/2025-book-a...
#detection #engineering #automation #dev
🔗 lopes.id/2025-book-a...
#detection #engineering #automation #dev
This excellent article by Scott Chacon, one of the founders of GitHub, shares some fantastic Git configurations. Some, like help.autocorrect and push.autoSetupRemote, are true lifesavers! A must-read for Git users. ☕︎
🔗 blog.gitbutler.com/h...
#git #dev #config #engineering
🔗 blog.gitbutler.com/h...
#git #dev #config #engineering
How Core Git Developers Configure Git
What `git config` settings should be defaults by now? Here are some settings that even the core developers change.
blog.gitbutler.com
March 13, 2025 at 5:50 PM
This excellent article by Scott Chacon, one of the founders of GitHub, shares some fantastic Git configurations. Some, like help.autocorrect and push.autoSetupRemote, are true lifesavers! A must-read for Git users. ☕︎
🔗 blog.gitbutler.com/h...
#git #dev #config #engineering
🔗 blog.gitbutler.com/h...
#git #dev #config #engineering
This week, I dove into Elastic's Detection Engineering Behavior Maturity Model (DEBMM), and the insights are incredible! It's a structured approach for detection teams to mature, ensuring that rulesets are developed, managed, and improved effectively! 100% recommended! ⭐
🔗 www.elastic.co/secur...
🔗 www.elastic.co/secur...
Elastic releases the Detection Engineering Behavior Maturity Model — Elastic Security Labs
Using this maturity model, security teams can make structured, measurable, and iteritive improvements to their detection engineering teams..
www.elastic.co
February 28, 2025 at 9:43 PM
This week, I dove into Elastic's Detection Engineering Behavior Maturity Model (DEBMM), and the insights are incredible! It's a structured approach for detection teams to mature, ensuring that rulesets are developed, managed, and improved effectively! 100% recommended! ⭐
🔗 www.elastic.co/secur...
🔗 www.elastic.co/secur...
Another book review! 📕 This time, with an Infosec classic: A Bug Hunter's Diary. 🔍 In this post, I share some of the takeaways and insights I gained from this gem. ☕︎
🔗 lopes.id/2025-book-b...
#book #vulnerability #research #infosec
🔗 lopes.id/2025-book-b...
#book #vulnerability #research #infosec
A Bug Hunter's Diary
A deep dive into bug hunting with practical lessons.
lopes.id
February 21, 2025 at 9:55 PM
Another book review! 📕 This time, with an Infosec classic: A Bug Hunter's Diary. 🔍 In this post, I share some of the takeaways and insights I gained from this gem. ☕︎
🔗 lopes.id/2025-book-b...
#book #vulnerability #research #infosec
🔗 lopes.id/2025-book-b...
#book #vulnerability #research #infosec
Anvilogic's report on perspectives from the Detection Engineering trenches is a must-read for both teams seeking direction and newcomers to the field. Grab a coffee and enjoy the reading! ☕︎ 🗞️
🔗 www.anvilogic.com/re...
🔗 www.anvilogic.com/re...
2025 State of Detection Engineering Report | Anvilogic
The 2025 State of Detection Engineering Report reveals key trends & challenges in detection engineering—from AI adoption to skill gaps and data access.
www.anvilogic.com
February 20, 2025 at 4:25 PM
Anvilogic's report on perspectives from the Detection Engineering trenches is a must-read for both teams seeking direction and newcomers to the field. Grab a coffee and enjoy the reading! ☕︎ 🗞️
🔗 www.anvilogic.com/re...
🔗 www.anvilogic.com/re...
I found a lexical analyzer I wrote 20 years ago in C. 👴 I used to feel ashamed of its flaws, but now I realize they show how much I’ve learned. Sharing the link, but as a security engineer, here’s my comment on the README: "Buffer overflow risk, like many C programs. 😅"
🔗 github.com/lopes/vol...
🔗 github.com/lopes/vol...
vol/analisador-lexico at master · lopes/vol
Codes I shared at Viva o Linux community. Contribute to lopes/vol development by creating an account on GitHub.
github.com
February 12, 2025 at 7:30 PM
I found a lexical analyzer I wrote 20 years ago in C. 👴 I used to feel ashamed of its flaws, but now I realize they show how much I’ve learned. Sharing the link, but as a security engineer, here’s my comment on the README: "Buffer overflow risk, like many C programs. 😅"
🔗 github.com/lopes/vol...
🔗 github.com/lopes/vol...
Closing out January by reviewing the first tech book I’ve read in 2025: Git for Teams 📚. If you work with Git but haven’t taken the time to dive into best practices, this one’s for you! 💻✨ Check out my review!
🔗 lopes.id/2025-book-gi...
🔗 lopes.id/2025-book-gi...
Git for Teams
Best practices and workflow tips from Git for Teams.
lopes.id
January 31, 2025 at 7:10 PM
Closing out January by reviewing the first tech book I’ve read in 2025: Git for Teams 📚. If you work with Git but haven’t taken the time to dive into best practices, this one’s for you! 💻✨ Check out my review!
🔗 lopes.id/2025-book-gi...
🔗 lopes.id/2025-book-gi...
One afternoon using Zed was enough for me to decide to replace VScode. Written in Rust and with a reasonable setup out of the box, this project deserves more attention. zed.dev
Zed - Code at the speed of thought
Zed is a high-performance, multiplayer code editor from the creators of Atom and Tree-sitter.
zed.dev
June 13, 2024 at 8:22 PM
One afternoon using Zed was enough for me to decide to replace VScode. Written in Rust and with a reasonable setup out of the box, this project deserves more attention. zed.dev
Been struggling with arrayformula and if/and in Google Sheets trying to find a mistake preventing my formula from running. Then I find this tip stating that the logical and in if within an arrayformula is "*". Thank you Google /s
stackoverflow.com/questions/70...
stackoverflow.com/questions/70...
Using IF, AND/OR (many condition) with Array formula in Google sheets
Could someone help me?
I'd like to use the Array formula with AND/OR as follows but it doesn't work
=ArrayFormula(if(AND(AG2:AG="Yes",AI2:AI<>""),"Ok","Blan...
stackoverflow.com
April 30, 2024 at 1:31 AM
Been struggling with arrayformula and if/and in Google Sheets trying to find a mistake preventing my formula from running. Then I find this tip stating that the logical and in if within an arrayformula is "*". Thank you Google /s
stackoverflow.com/questions/70...
stackoverflow.com/questions/70...
The beauty of using themes as submodules in Zola comes when you update your theme with a neat `git submodule update --remote`. 👌
March 14, 2024 at 8:31 PM
The beauty of using themes as submodules in Zola comes when you update your theme with a neat `git submodule update --remote`. 👌
I've just finished reading "The Cuckoo's Egg" and posted a review in my blog. But while I was searching any video to contextualized it, I stumbled upon this one that perfectly shows Cliff's energy and eagerness to learn.
www.youtube.com/watch?v=9yUZ...
www.youtube.com/watch?v=9yUZ...
Secrets to measuring a piece of paper - Numberphile
When Cliff Stoll sets your homework, there's always an extra lesson.More links & stuff in full description below ↓↓↓More Cliff videos: http://bit.ly/Cliff_Vi...
www.youtube.com
March 13, 2024 at 2:00 PM
I've just finished reading "The Cuckoo's Egg" and posted a review in my blog. But while I was searching any video to contextualized it, I stumbled upon this one that perfectly shows Cliff's energy and eagerness to learn.
www.youtube.com/watch?v=9yUZ...
www.youtube.com/watch?v=9yUZ...
I truly miss Pearl Jam's "Live at Benaroya Hall" album on Spotify. IMO, that's the band's genuine unplugged experience. A masterpiece.
February 1, 2024 at 2:41 PM
I truly miss Pearl Jam's "Live at Benaroya Hall" album on Spotify. IMO, that's the band's genuine unplugged experience. A masterpiece.
Just watched a mind-blowing video on the M1 CPU – it's making me seriously consider getting an M1 MacBook! The performance and efficiency are game-changers. 🚀
www.youtube.com/watch?v=OuF9...
www.youtube.com/watch?v=OuF9...
How Apple Just Changed the Entire Industry (M1 Chip)
Sign up for Morning Brew today for FREE: https://cen.yt/morningbrewcoldfusion3ColdFusion Merch:INTERNATIONAL: https://store.coldfusioncollective.com/AUSTRALI...
www.youtube.com
January 17, 2024 at 4:37 PM
Just watched a mind-blowing video on the M1 CPU – it's making me seriously consider getting an M1 MacBook! The performance and efficiency are game-changers. 🚀
www.youtube.com/watch?v=OuF9...
www.youtube.com/watch?v=OuF9...